﻿using AutoMapper;
using ManagementApi.Models;
using ManagementApi.Models.Account;
using ManagementApi.Models.Corp;
using ManagementApi.Mvc;
using ManagementApi.Mvc.ApplicationContexts;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Modules.Corp;
using Modules.System.Security;
using Modules.System.User;
using System.ComponentModel.DataAnnotations;

namespace ManagementApi.Controllers.CorpPannel
{
    [Route("/api/v1/corp/Corp")]
    [ApiController]
    [Authorize(Roles = "Corp")]
    public class CorpController : ControllerBase
    {
        private readonly CorpService corpService;
        private readonly CorpApplicationContext applicationContext;
        private readonly SecurityService securityService;
        private readonly IMapper mapper;

        public CorpController(CorpService corpService, CorpApplicationContext applicationContext, SecurityService securityService, IMapper mapper)
        {
            this.corpService = corpService;
            this.applicationContext = applicationContext;
            this.securityService = securityService;
            this.mapper = mapper;
        }

        /// <summary>
        /// 获取企业信息
        /// </summary>
        /// <returns></returns>
        [HttpGet("getCorpInfo")]
        public ApiResult<CorpInfoDto> GetCorp()
        {
            CorpInfo? corpInfo = corpService.GetCorpInfo(applicationContext.CurrentUser?.Id ?? 0);
            if (corpInfo == null)
                return ApiResult<CorpInfoDto>.Failure("企业信息不存在");
            return ApiResult<CorpInfoDto>.Success(corpInfo.AsDetailDto(applicationContext));
        }

        /// <summary>
        /// 修改企业信息
        /// </summary>
        /// <param name="form"></param>
        /// <returns></returns>
        [HttpPut("updateCorp")]
        public ApiResult UpdateCorp(CorpCreateForm form)
        {
            CorpInfo? corpInfo = corpService.GetCorpInfo(applicationContext.CurrentUser?.Id ?? 0);
            if (corpInfo == null)
                return ApiResult.Failure("企业信息不存在");
            mapper.Map(form, corpInfo);
            corpService.UpdateCorpInfo(corpInfo, form.Attachments);
            return ApiResult.Success("修改成功");
        }

        /// <summary>
        /// 修改密码
        /// </summary>
        /// <param name="passWord"></param>
        /// <returns></returns>
        [HttpPut("updateCorpPassWord")]
        public ApiResult UpdateCorpPassWord([Required(ErrorMessage = "密码不能为空")] string passWord)
        {
            CorpInfo? corpInfo = corpService.GetCorpInfo(applicationContext.CurrentUser?.Id ?? 0);
            if (corpInfo == null)
                return ApiResult.Failure("企业信息不存在");
            SysSecurity? sysSecurity = securityService.GetSysSecurity(corpInfo.SecurityId);
            if (sysSecurity != null)
            {
                sysSecurity.Password = SecurityPasswordHelper.EncodePassword(passWord, UserPasswordFormat.SM4);
                securityService.Update(sysSecurity);
            }
            return ApiResult.Success("修改成功");
        }
    }
}